Class UserAudit

  • All Implemented Interfaces:
    Serializable

    public class UserAudit
    extends FortEntity
    implements Serializable
    This entity is used to pass search criteria into the AuditMgr APIs, down through the org.apache.directory.fortress.core.impl.AuditP process layer and finally into the org.apache.directory.fortress.core.impl.AuditDAO data access layer. Once the data has been retrieved from the directory it will be passed back to the caller using one of audit output entities.

    All audit data is returned to user using one of the following:

    • Authorization events: AuthZ
    • Authentication events: Bind
    • Modification events: Mod

    Author:
    Apache Directory Project
    See Also:
    Serialized Form
    • Constructor Detail

      • UserAudit

        public UserAudit()
    • Method Detail

      • getObjName

        public String getObjName()
        Get the optional objName attribute which limits set by org.apache.directory.fortress.core.model.Permission#objName. For modification search, this attr maps to org.apache.directory.fortress.core.impl.AuditDAO#REQMOD. For authorization search, it will map to org.apache.directory.fortress.core.impl.AuditDAO#REQDN. The object name is derived from another class name which represents targets for Fortress authorizations. For example AdminMgrImpl or 'CustomerCheckOutPage'.
        Returns:
        the name of the object which maps to 'reqDn' for 'auditSearch' target, or 'reqMod' for 'auditMod' search.
      • setObjName

        public void setObjName​(String objName)
        Set the optional objName attribute which limits set by org.apache.directory.fortress.core.model.Permission#objName. For modification search, this attr maps to org.apache.directory.fortress.core.impl.AuditDAO#REQMOD. For authorization search, it will map to org.apache.directory.fortress.core.impl.AuditDAO#REQDN. The object name is derived from another class name which represents targets for Fortress authorizations. For example AdminMgrImpl or 'CustomerCheckOutPage'.
        Parameters:
        objName - maps to 'reqDn' for 'auditSearch' target, or 'reqMod' for 'auditMod' search.
      • setFailedOnly

        public void setFailedOnly​(boolean failedOnly)
        The failedOnly flag will limit result set to include only authN or authZ events that have failed.

        Parameters:
        failedOnly - if boolean true search will limit to failed only.
      • getOpName

        public String getOpName()
        Get the optional opName attribute which limits AuditMgrImpl.searchAdminMods(UserAudit) by org.apache.directory.fortress.core.impl.AuditDAO#REQMOD. The operation name is derived from a method name of a class which represents targets for Fortress authorizations. For example 'read', 'search' or 'add'.
        Returns:
        value that maps to 'reqMod' on 'auditMod' object class.
      • setOpName

        public void setOpName​(String opName)
        Set the optional opName attribute which limits AuditMgrImpl.searchAdminMods(UserAudit) by org.apache.directory.fortress.core.impl.AuditDAO#REQMOD}. The operation name is derived from a method name of a class which represents targets for Fortress authorizations. For example 'read', 'search' or 'add'.
        Parameters:
        opName - attribute maps to 'reqMod' on 'auditMod' object class.
      • getUserId

        public String getUserId()
        Get the optional userId attribute which limits set by org.apache.directory.fortress.core.model.User#userId. For authentication searchs, this attr maps to org.apache.directory.fortress.core.impl.AuditDAO#REQDN. For authorization search, it will map to org.apache.directory.fortress.core.impl.AuditDAO#REQUAUTHZID. The userId for this search represents the end user.
        Returns:
        the userId which maps to 'reqDn' for authentications or 'reqAuthzID' for authorization events.
      • setUserId

        public void setUserId​(String userId)
        Set the optional userId attribute which limits set by org.apache.directory.fortress.core.model.User#userId. For authentication searchs, this attr maps to org.apache.directory.fortress.core.impl.AuditDAO#REQDN. For authorization search, it will map to org.apache.directory.fortress.core.impl.AuditDAO#REQUAUTHZID. The userId for this search represents the end user.
        Parameters:
        userId - maps to 'reqDn' for authentications or 'reqAuthzID' for authorization events.
      • getInternalUserId

        public String getInternalUserId()
        Get the optional internalUserId attribute which limits set by org.apache.directory.fortress.core.model.User#internalId. For AuditMgrImpl.searchUserSessions(UserAudit) this attr maps to org.apache.directory.fortress.core.impl.AuditDAO#REQMOD. The internalUserId for this search represents the end user but is stored as its internal id.
        Returns:
        the internalUserId which maps to 'reqMod' for 'auditModify' object class searches.
      • setInternalUserId

        public void setInternalUserId​(String internalUserId)
        Set the optional internalUserId attribute which limits set by org.apache.directory.fortress.core.model.User#internalId. For AuditMgrImpl.searchUserSessions(UserAudit) this attr maps to org.apache.directory.fortress.core.impl.AuditDAO#REQMOD. The internalUserId for this search represents the end user but is stored as its internal id.
        Parameters:
        internalUserId - maps to 'reqMod' for 'auditModify' object class searches.
      • getBeginDate

        public Date getBeginDate()
        Get the Date for search to begin. The earlier the date, the more records will be returned. This attribute is mapped to 'reqStart' on slapd audit records which provides the start time of the operation which is also the rDn for the node.
        Returns:
        attribute that maps to 'reqStart' in audit object classes.
      • setBeginDate

        public void setBeginDate​(Date beginDate)
        Set the Date for search to begin. The earlier the date, the more records will be returned. This attribute is mapped to 'reqStart' on slapd audit records which provides the start time of the operation which is also the rDn for the node.
        Parameters:
        beginDate - attribute that maps to 'reqStart' in audit object classes.
      • getEndDate

        public Date getEndDate()
      • setEndDate

        public void setEndDate​(Date endDate)
        Parameters:
        endDate -
      • getDn

        public String getDn()
        Get the optional dn attribute can be used to constraint AuditMgrImpl.searchUserSessions(UserAudit). The dn for this search may represent any target entry in DIT that has been recently modified or deleted.
        Returns:
        the dn which maps to 'reqDn' for 'auditModify' object class searches.
      • setDn

        public void setDn​(String dn)
        Set the optional dn attribute can be used to constraint AuditMgrImpl.searchUserSessions(UserAudit). The dn for this search may represent any target entry in DIT that has been recently modified or deleted.
        Parameters:
        dn - maps to 'reqDn' for 'auditModify' object class searches.
      • getObjId

        public String getObjId()
      • setObjId

        public void setObjId​(String objId)
      • isAdmin

        public boolean isAdmin()
      • setAdmin

        public void setAdmin​(boolean admin)